Code to get field value from DB not working
Posted: Sun May 14, 2006 12:15 pm
Hi all,
I've got some php code that basically takes a username and password, checks them, and lets you log in. It then lets you edit a large text box, saves it to a DB, or if it is already in the DB for that username, updates it.
I have a session variable called insert which I set to true if when I try and get the text from the DB it is equal to "", ie. the record ain't found, and therefore I know I have to use SQL insert not SQL update. Basically, I'm not quite sure which bit of my code has gone wrong - but it doesn't seem to get anything from the DB for that field at all - regardless if it is there or not.
I've got three files, and I've posted the contents of them below.
auth.php - Authenticates users and passes them to form.php
form.php - Displays the form and tries to fill the textarea with what is already in the DB. This is where I think the problem is
process.php - Processes the output from form.php - does the adding to the DB, and returns success
Thanks in advance for any help you can give,
Robin
I've got some php code that basically takes a username and password, checks them, and lets you log in. It then lets you edit a large text box, saves it to a DB, or if it is already in the DB for that username, updates it.
I have a session variable called insert which I set to true if when I try and get the text from the DB it is equal to "", ie. the record ain't found, and therefore I know I have to use SQL insert not SQL update. Basically, I'm not quite sure which bit of my code has gone wrong - but it doesn't seem to get anything from the DB for that field at all - regardless if it is there or not.
I've got three files, and I've posted the contents of them below.
auth.php - Authenticates users and passes them to form.php
Code: Select all
<?session_start();
if ( $_GET['check'] == 1 ) {
//Connection parameters
$dsn="TestAccess";
//Create the connection
$conn=odbc_connect($dsn,"","");
//Get the username and password from the form
$UserName = $_POST['username'];
$Password = $_POST['password'];
$query = odbc_exec($conn,"SELECT * FROM tblAuth WHERE UserName='".$UserName."';");
//Get the username and password from the DB
$DBUserName = odbc_result($query, "UserName");
$DBPassword = odbc_result($query, "Password");
//If passwords are equal...
if ($Password == $DBPassword) {
//Set some session vars with the users details
$_SESSION['user'] = $UserName;
$_SESSION['pass'] = $Password;
//Redirect to form.php
header("Location: form.php");
exit;
}
else {
//Whoops - user entered wrong password!
echo "Sorry, your username and password did not match. Please try again";
}
}
else{?>
<form action="auth.php?check=1" method="post">
Username: <input type="text" name="username"/><BR>
Password: <input type="text" name="password"/><P>
<input type="submit" />
</form>
<?
}
?>Code: Select all
<?session_start();
echo "<B>Username: </B>".$_SESSION['user']."<BR>";
echo "<B>Password: </B>".$_SESSION['pass']."<BR>";
echo "<P>";
?>
<form action="process.php" method="post">
RandomText:<BR>
<?
//Connection parameters
$dsn="TestAccess";
//Create the connection
$conn=odbc_connect($dsn,"","");
//Finds the users record
$query = odbc_exec($conn,"SELECT * FROM tblTest WHERE UserName='".$_SESSION['user']."';");
//Gets the value in the field TextField
$TextField = odbc_result($query, "TextField");
//Prints out value for testing purposes
echo "TextField:<BR>";
echo $TextField;
//Puts $TextField into TextArea - supposedly!
echo "<textarea name=\"textfield\" rows=\"20\" cols=\"80\">".$TextField."</textarea><P>";
?>
<select name="house">
<option>Hatfield</Option>
<option>Poulton</Option>
<option>Benhams</Option>
<option>The Mount</Option>
<option>Greenslade</Option>
</select><P>
<input type="submit" />
</form>
<?
//Sets a session variable so that I know whether to insert or update
if ( $TextField == "" ) {
$_SESSION['insert'] = 1;
echo 1;
}
//If its called with ?success=1 then display message
if ( $_GET['success'] == "1") {
echo Success;
}
?>Code: Select all
<?
session_start();
//Connection parameters
$dsn="TestAccess";
$username="";
$password="";
//Create the connection
$conn=odbc_connect($dsn,$username,$password);
//If the SESSION user var isn't empty - ie. someone is logged in.
if ( !( $_SESSION['user'] == "") ) {
//If we have to insert...do it
if ( $_SESSION['insert'] = 1 ) {
$sql = "INSERT INTO tblTest (UserName, TextField, House) VALUES ('".$_SESSION['user']."','".$_POST['textfield']."','".$_POST['house']."');";
}
else {
//Otherwise UPDATE
$sql = "UPDATE tblTest SET UserName='".$_SESSION['user']."', TextField='".$_POST['textfield']."',House='".$_POST['house']."' WHERE UserName='".$_SESSION['user']."';";
}
}
//Execute the SQL
$result=odbc_exec($conn, $sql);
//Redirect to form.php - showing the success message
header("Location: form.php?success=1");
//Close the connection
odbc_close($conn);
?>Robin